1. Field of the Invention
The present invention relates in general to the field of information handling system firmware updates, and more particularly to information handling system secure option ROM firmware updates.
2. Description of the Related Art
As the value and use of information continues to increase, individuals and businesses seek additional ways to process and store information. One option available to users is information handling systems. An information handling system generally processes, compiles, stores, and/or communicates information or data for business, personal, or other purposes thereby allowing users to take advantage of the value of the information. Because technology and information handling needs and requirements vary between different users or applications, information handling systems may also vary regarding what information is handled, how the information is handled, how much information is processed, stored, or communicated, and how quickly and efficiently the information may be processed, stored, or communicated. The variations in information handling systems allow for information handling systems to be general or configured for a specific user or specific use such as financial transaction processing, airline reservations, enterprise data storage, or global communications. In addition, information handling systems may include a variety of hardware and software components that may be configured to process, store, and communicate information and may include one or more computer systems, data storage systems, and networking systems.
Information handling systems are typically built from a variety of components that cooperate to process information. For example, a central processing unit (CPU) runs applications to perform desired functions, such as word processing, multimedia content presentation, web browsing and e-mail. End users interact with applications through a variety of auxiliary subsystems built from the components. Auxiliary subsystems input information for use by the applications and present information processed by the applications. Some examples of auxiliary subsystems include a video subsystem that processes information to generate visual image information for presentation at a display, SCSI subsystems that support communications with storage devices such as hard disk drives and optical drives, and network subsystems that support communications with networks to perform functions such as a PXE network boot.
Information handling systems typically coordinate the interaction between applications running on a CPU and physical components with an operating system that also runs on the CPU. In addition, information handling systems generally have a system boot and initialization firmware architecture that provides the operating system with access to physical components, such as a Basic Input/Output System (BIOS). The BIOS is a set of firmware instructions that run on physical components generally referred to as the chipset. During initialization of an information handling system, the BIOS coordinates a boot of the operating system from persistent storage, such as a hard disk drive, to an operational state in which the operating system runs on the CPU and is typically stored in random access memory (RAM) interfaced with the CPU. In addition to the BIOS, other firmware instructions known as option ROMs are typically included to support operation of auxiliary subsystems. Option ROMs are autonomous pieces of firmware that control the boot and configuration of auxiliary subsystems within a platform and in some instances also serve as runtime code for some types of subsystems. For example, a video BIOS option ROM is typically loaded early in boot to coordinate operations of the video subsystem with the main BIOS and operating system so that information can be presented at a display. Other examples of option ROMs include a SCSI BIOS option ROM that makes storage devices visible to other components during boot and a network boot ROM, such as a PXE option ROM, that supports boot of the information handling system from a network interface.
One difficulty with information handling systems is that malicious code executing on a physical component can compromise information stored on an information handling system and can even lead to failure of the information handling system. Although malicious code most commonly targets applications and operating systems running on an information handling system, successful attacks by malicious code on an information handling system's firmware present a high risk because firmware runs at a more privileged level than most anti-malware tools available today. In response to the threat presented by malicious software attacks on firmware, a number of secure platform initiatives have been launched, such as NIST 800-147, which strive to protect the main platform BIOS from malicious attack. However, these efforts generally do not address security issues related to all pieces of firmware, such as option ROMs.
Some efforts have been made to protect option ROMs from malicious code during updates of option ROM firmware. One way of protecting option ROMs is to write-protect the option ROM to prevent any updates to the firmware code. Another way to protect option ROMs is to allow updates only through option ROM subsystem code that initiates an update and connects directly with an update source. A third way to protect option ROMs is to program option ROM firmware to allow an update cycle to be initiated by the host platform CPU. A write-protect that prevents any updates limits maintenance options for the option ROM, such as the ability to respond to difficulties that might arise over time with the execution of firmware instructions on different types of platforms. Allowing updates managed by an external network location or a host CPU provides option ROM maintenance but also offers attack surfaces, such as reliance on third-party suppliers to provide safe updates and a secure delivery mechanism.